Router Vulnerability - MisFortune Cookie

Started by Tacitus, Dec 20, 2014, 10:32:20

Tacitus

Not solely iDNet related, but just a heads up in case anyone might be affected:

http://www.pcworld.com/article/2861713/dangerous-misfortune-cookie-flaw-discovered-in-12-million-home-routers.html

This vulnerability applies to many of the common domestic routers, although I'm told that Apple AirPorts are not affected. Whether that applies to only the current model is not clear.

More information here:  http://www.checkpoint.com/blog/fortune-cookie-hole-internet-gateway/

A list of those tested so far and suspected to be vulnerable is here:  http://mis.fortunecook.ie/misfortune-cookie-suspected-vulnerable.pdf

Note that Check Point make the Zone Alarm range of security products.......

[EDIT] There's a bit more about router vulnerabilities here: http://news.techworld.com/security/3503163/best-selling-home-wireless-routers-wide-open-to-attack-study-finds/ One of the more interesting things is that leaving the default 192.168.1.X address renders you more likely to be attacked. I can only assume that using 10.0.0.X or the 172.16.X.X series is more secure simply because these are less common.

Steve

Nothing's really safe these days, however I tend not to let the dust settle for too long on my routers before another appears.
Steve
------------
This post reflects my own views, opinions and experience, not those of IDNet.

Tacitus

Quote from: Steve on Dec 20, 2014, 11:05:27
Nothing's really safe these days, however I tend not to let the dust settle for too long on my routers before another appears.

I've been using the same one for a while now.  I abandoned it in favour of a 2-Wire after I had problems and BT told me it had failed.  It's still going.....   I've kept the firmware up to date but I imagine it's been EOLd by now.  Once fibre is installed in January, I'll look to a new one, although given this problem it's difficult to choose; the fact that the ASUS isn't on the list doesn't mean it's safe, only that they haven't tested it/don't know.

In the meantime I'll repurpose the Airport; since it's one of the last of the square ones, it should be fairly safe.

davej99

Quote from: Tacitus on Dec 20, 2014, 10:32:20
Not solely iDNet related, but just a heads up in case anyone might be affected:

Thanks for that, Tacitus.
Dave

Steve

Asus WRT does not use RomPager, neither does DD WRT.

Tacitus

Quote from: Steve on Dec 20, 2014, 13:35:32
Asus WRT does not use RomPager, neither does DD WRT.

Asus WRT/DD WRT aren't the standard firmware though, are they? Fine for those of us that like tinkering, but possibly not for the average punter.

It's unfortunate that several of the Zyxel routers are on the list as I've always rather liked their kit.

Steve

Asus WRT is the standard firmware.

https://github.com/RMerl/asuswrt-merlin/wiki/About-Asuswrt

Which ASUS Merlin is developed from.

Tacitus

FWIW I posted on the Draytek forum and got the following reply:

Quote from: Forum post by Draytek admin
DrayTek do not use the vulnerable code and have no exposure to misfortune cookie.